Security-focused AI model designed for automated detection and resolution of code vulnerabilities


Overview

unisast is a security-focused AI model developed to identify and remediate vulnerabilities in source code. Tailored for developers and security professionals, this model automates the detection of common security flaws such as XSS, SQL injection, and unsafe input handling. It ensures that code adheres to modern security standards while maintaining its original functionality.

Features

  • Comprehensive Vulnerability Detection:
    • Identifies critical security risks, including:
      • Cross-Site Scripting (XSS)
      • SQL Injection
      • Unsafe input processing
      • Other common vulnerabilities
  • Secure Code Fixes:
    • Automatically generates production-ready fixes following best practices.
  • Minimal Code Disruption:
    • Fixes maintain the purpose and logic of the original code.
  • Customizable Performance:
    • Fine-tuned parameters ensure efficient and accurate results.

Usage

Input Format

Provide input in the following structured format:

  1. Vulnerability Type: Describe the type of vulnerability (e.g., XSS, SQL Injection).
  2. File Location: Specify the file or module containing the issue.
  3. Problematic Code: Include the vulnerable code snippet.
  4. Vulnerability Description: Provide a brief explanation of the issue and its impact.

Output

The model returns:

  • A secure, corrected version of the code.
  • Fixes that follow modern security best practices.

Example

Input

Vulnerability Type: SQL Injection
File Location: `app/routes/login.js`
Problematic Code:
const query = `SELECT * FROM users WHERE username = '${username}' AND password = '${password}'`;
db.query(query, (err, result) => {
    if (err) throw err;
    console.log(result);
});

Vulnerability Description: User inputs are directly embedded in the SQL query, enabling SQL injection attacks.

Output

const query = 'SELECT * FROM users WHERE username = ? AND password = ?';
db.query(query, [username, password], (err, result) => {
    if (err) throw err;
    console.log(result);
});

System Parameters

The following parameters are configured for unisast:

  • Base Model: qwen2.5-coder:latest
  • Temperature: 0.2 (Low sampling temperature keeps responses close to deterministic)
  • Context Length: 8192 tokens (Enables processing of long inputs)
  • Top_p: 0.7 (Controls response diversity)
  • Stop Tokens:
    • </tool_call>
    • <|im_end|>
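As an added example that is not part of the unisast page or the model itself, the following JavaScript assembles the four-part prompt described under Input Format and the Ollama request body carrying the System Parameters listed above. The Ollama option names (`temperature`, `top_p`, `num_ctx`, `stop`), the local endpoint `http://localhost:11434` and the helper names are assumptions; the sample input is the README's own login.js case.

```javascript
// Added example, not code from the unisast page: assemble the README's
// four-part input and the Ollama request carrying its system parameters.
// Option keys are Ollama's own names; the base URL is an assumed local default.
const UNISAST_OPTIONS = Object.freeze({
  temperature: 0.2,                     // low temperature, near-deterministic output
  top_p: 0.7,                           // controls response diversity
  num_ctx: 8192,                        // 8192-token context length
  stop: ['</tool_call>', '<|im_end|>'], // stop tokens from the README
});
const REQUIRED = ['vulnerabilityType', 'fileLocation', 'problematicCode', 'description'];
// Build the structured prompt; every field is mandatory, so an empty or
// missing one is rejected instead of producing an under-specified prompt.
function buildPrompt(f) {
  for (const key of REQUIRED) {
    if (typeof f[key] !== 'string' || f[key].trim() === '') {
      throw new Error(`missing required field: ${key}`);
    }
  }
  return [
    `Vulnerability Type: ${f.vulnerabilityType}`,
    `File Location: \`${f.fileLocation}\``,
    'Problematic Code:',
    f.problematicCode.trimEnd(),
    '',
    `Vulnerability Description: ${f.description}`,
  ].join('\n');
}
// Non-streaming /api/generate body with the README's parameters applied.
function buildRequest(f, model = 'unisast') {
  return { model, prompt: buildPrompt(f), stream: false, options: { ...UNISAST_OPTIONS } };
}
// POST the request to a local Ollama server and return the model's reply text.
async function requestFix(f, baseUrl = 'http://localhost:11434') {
  const res = await fetch(`${baseUrl}/api/generate`, {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify(buildRequest(f)),
  });
  if (!res.ok) throw new Error(`Ollama returned HTTP ${res.status}`);
  return (await res.json()).response;
}
// Constructed sample input mirroring the README's login.js example.
const SAMPLE_INPUT = {
  vulnerabilityType: 'SQL Injection',
  fileLocation: 'app/routes/login.js',
  problematicCode: "const query = `SELECT * FROM users WHERE username = '${username}' AND password = '${password}'`;",
  description: 'User inputs are directly embedded in the SQL query, enabling SQL injection attacks.',
};
```

Calling `requestFix(SAMPLE_INPUT)` against a running Ollama instance with the unisast model pulled returns the corrected snippet as plain text; the builder functions work offline and can be unit-tested without a server.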